From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received-SPF: None (no SPF record) identity=mailfrom; client-ip=203.199.198.232; helo=imsva.in.megatrends.com; envelope-from=karunakarp@amiindia.co.in; receiver=edk2-devel@lists.01.org Received: from IMSVA.IN.MEGATRENDS.COM (Webmail.amiindia.co.in [203.199.198.232]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ml01.01.org (Postfix) with ESMTPS id 86A352232BDF8 for ; Wed, 17 Jan 2018 02:23:30 -0800 (PST) Received: from IMSVA.IN.MEGATRENDS.COM (IMSVA.IN.MEGATRENDS.COM [127.0.0.1]) by IMSVA (Postfix) with ESMTP id 9EE6882047; Wed, 17 Jan 2018 16:02:14 +0530 (IST) Received: from IMSVA.IN.MEGATRENDS.COM (IMSVA.IN.MEGATRENDS.COM [127.0.0.1]) by IMSVA (Postfix) with ESMTP id 7DDB482046; Wed, 17 Jan 2018 16:02:14 +0530 (IST) Received: from webmail.amiindia.co.in (venus1.in.megatrends.com [10.0.0.5]) by IMSVA.IN.MEGATRENDS.COM (Postfix) with ESMTPS; Wed, 17 Jan 2018 16:02:14 +0530 (IST) Received: from VENUS2.in.megatrends.com ([fe80::2002:4a07:4f17:c09b]) by VENUS1.in.megatrends.com ([fe80::951:7975:6ecf:eae5%14]) with mapi id 14.01.0438.000; Wed, 17 Jan 2018 15:58:46 +0530 From: Karunakar P To: "'Wu, Jiaxin'" , "'Ye, Ting'" , "'Fu, Siyuan'" , "'edk2-devel@lists.01.org'" Thread-Topic: AsciiPrint() in HttpBootDxe Corrupting the Setup screen Thread-Index: AdOJ2mcWk/hjX4urRy2rJe1VSk/7TQAm0IpAAT9QoLAAAlF7oA== Date: Wed, 17 Jan 2018 10:28:45 +0000 Message-ID: References: <895558F6EA4E3B41AC93A00D163B72741635BF8D@SHSMSX103.ccr.corp.intel.com> In-Reply-To: Accept-Language: en-GB, en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: x-originating-ip: [10.0.84.111] MIME-Version: 1.0 X-TM-AS-GCONF: 00 X-TM-AS-Product-Ver: IMSVA-9.1.0.1600-8.2.0.1013-23600.006 X-TM-AS-Result: No--21.439-5.0-31-10 X-imss-scan-details: No--21.439-5.0-31-10 X-TMASE-Version: IMSVA-9.1.0.1600-8.2.1013-23600.006 X-TMASE-Result: 10--21.438600-10.000000 X-TMASE-MatchedRID: DuKherWvI/voSitJVour/RcanaCAqviG31asM/gsp2lMjJKuXxh7tsSK I2zVNBuVxaNC1wgDyKaB+MrUoQlMl/DjiC5aMv9M0XO+Yq6CqgIcVY4wxvgKp7rPnPXoJZscTwl TXRiZjcEjypnGhZoY9YdziXCvHmFEwPFufF78O4iVUcz8XpiS9AntbDzhQonTdow/ybqqTpIs7E Lqy7JDxg5Cdc9CVi5xGT5h38ROXNfH4JN4GsPAjhcqpH7D1rtQKx5ICGp/WtGv2wYIrySe7gJjL DMzzZnzlDIbS91VMbbz/Kn5a2icXi6aTCWFMdoZylAqNTt8FdXljSRvSGpq3FpbYq2f4jz+Y3Gd Dr1JjFoSIx4SDL9Y5l8qPOpVp2uniNCj8jDazVL9KXlxhBAZb4N12XKYbuJLStFk/81wIJKLOsW lYdMG9wR1ZtMYefFWPC7j/mzpDFrd4xdn1XD3cwwfhKwa9GwDWq9ln3+CkiGlF7MF/8ayEjnuQW M5MjklF/CgZrFM3+qnQiMduIEPNqFx4PiqFtlGuWB2ZAowRT3QAMcwVYPxQ56fSoF3Lt+MPMAru rUD4iK0SEhcjR8IEwB3V07KdSwJAd8nIUbSncx6a7qHolmGuZkShYcLpGH9BL+V9lD389E/uAMu IS3/V++wSELyt95aKeOueo+W45SjbvDx57hYL8DORqgKKiYqwx0jRRxcQfMKw+Kw6rehm+RqQAx bWD9+4vM1YF6AJbZO+3uGNcav946HM5rqDwqtTEoeKPGXEoKa+jOw5ZtPOMH4Cm0t/9S37qYVQk UgODGWJc45yAozIA== X-TMASE-SNAP-Result: 1.821001.0001-0-1-12:0,22:0,33:0,34:0,39:0-0 X-Content-Filtered-By: Mailman/MimeDel 2.1.23 Subject: Re: AsciiPrint() in HttpBootDxe Corrupting the Setup screen X-BeenThere: edk2-devel@lists.01.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: EDK II Development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 17 Jan 2018 10:23:31 -0000 Content-Language: en-US Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable [Patch] NetworkPkg\HttpBootDxe: AsciiPrint() in HttpBootDxe Corrupting the = Setup screen NetworkPkg\HttpBootDxe\HttpBootSupport.c | 2 ---- NetworkPkg\HttpBootDxe\HttpBootClient.c| 10 ++++ 2 files changed, 10 insertions(+), 2 deletions(-) NetworkPkg\HttpBootDxe\HttpBootSupport.c NetworkPkg\HttpBootDxe\HttpBootClient.c EFI_STATUS HttpBootCheckUriScheme ( IN CHAR8 *Uri ) { UINTN Index; EFI_STATUS Status;. . . // // Return EFI_INVALID_PARAMETER if the URI is not HTTP or HTTPS. // if ((AsciiStrnCmp (Uri, "http://", 7) !=3D 0) && (AsciiStrnCmp (Uri, "htt= ps://", 8) !=3D 0)) { - AsciiPrint ("\n Error: Invalid URI address.\n"); DEBUG ((EFI_D_ERROR, "HttpBootCheckUriScheme: Invalid Uri.\n")); return EFI_INVALID_PARAMETER; } // // HTTP is disabled, return EFI_ACCESS_DENIED if the URI is HTTP. // if (!PcdGetBool (PcdAllowHttpConnections) && (AsciiStrnCmp (Uri, "http://= ", 7) =3D=3D 0)) { - AsciiPrint ("\n Error: Access forbidden, only HTTPS connection is all= owed.\n"); DEBUG ((EFI_D_ERROR, "HttpBootCheckUriScheme: HTTP is disabled.\n")); return EFI_ACCESS_DENIED; } . . . } EFI_STATUS HttpBootDhcp4ExtractUriInfo ( IN HTTP_BOOT_PRIVATE_DATA *Private ) { HTTP_BOOT_DHCP4_PACKET_CACHE *SelectOffer; HTTP_BOOT_DHCP4_PACKET_CACHE *HttpOffer; UINT32 SelectIndex;. . . . // // Check the URI scheme. // Status =3D HttpBootCheckUriScheme (Private->BootFileUri); if (EFI_ERROR (Status)) { DEBUG ((EFI_D_ERROR, "HttpBootDhcp4ExtractUriInfo: %r.\n", Status)); + if (Status =3D=3D EFI_INVALID_PARAMETER) { + AsciiPrint ("\n Error: Invalid URI address.\n"); + } else if (Status =3D=3D EFI_ACCESS_DENIED) { + AsciiPrint ("\n Error: Access forbidden, only HTTPS connection is= allowed.\n"); + } return Status; } . . . } EFI_STATUS HttpBootDhcp6ExtractUriInfo ( IN HTTP_BOOT_PRIVATE_DATA *Private ) { HTTP_BOOT_DHCP6_PACKET_CACHE *SelectOffer; HTTP_BOOT_DHCP6_PACKET_CACHE *HttpOffer; UINT32 SelectIndex; . . . Status =3D HttpBootCheckUriScheme (Private->BootFileUri); if (EFI_ERROR (Status)) { DEBUG ((EFI_D_ERROR, "HttpBootDhcp6ExtractUriInfo: %r.\n", Status)); + if (Status =3D=3D EFI_INVALID_PARAMETER) { + AsciiPrint ("\n Error: Invalid URI address.\n"); + } else if (Status =3D=3D EFI_ACCESS_DENIED) { + AsciiPrint ("\n Error: Access forbidden, only HTTPS connection is = allowed.\n"); + } return Status; } . . . } Please review the patch. Thanks, Karunakar From: Karunakar P Sent: Wednesday, January 17, 2018 2:44 PM To: 'Wu, Jiaxin'; Ye, Ting; Fu, Siyuan; 'edk2-devel@lists.01.org' Subject: RE: AsciiPrint() in HttpBootDxe Corrupting the Setup screen Hi Jiaxin, We'll send the formal patch for review and also could you please let me kno= w if you want to fill a bug in Bugzilla if needed. Thank You, Karunakar From: Wu, Jiaxin [mailto:jiaxin.wu@intel.com] Sent: Thursday, January 11, 2018 6:21 AM To: Karunakar P; Ye, Ting; Fu, Siyuan Subject: RE: AsciiPrint() in HttpBootDxe Corrupting the Setup screen Hi Karunakar, I agree the fix, can you send out the formal patch for the review or need u= s to follow that? Thanks, Jiaxin From: Karunakar P [mailto:karunakarp@amiindia.co.in] Sent: Wednesday, January 10, 2018 4:48 PM To: Wu, Jiaxin >; Ye, Ting = >; Fu, Siyuan > Subject: AsciiPrint() in HttpBootDxe Corrupting the Setup screen Hello All, [Issue] 1. On giving Invalid URI in Boot URI field in "HTTP Boot Configuratio= n" Page, doing AsciiPrint() in TSE corrupting the Screen. AsciiPrint ("\n Error: Invalid URI address.\n"); 2. When HTTP connection are disabled using "PcdAllowHttpConnections" On giving http URI in Boot URI field in "HTTP Boot Configuration" Page, doi= ng AsciiPrint() in TSE corrupting the Screen. AsciiPrint ("\n Error: Access forbidden, only HTTPS connection is allowed.= \n"); [Fix] 1. I guess We've added this AsciiPrint() because HttpBootCheckUriSche= me() is common for both generic HTTP boot over IPv4/6 and "Http Boot Config= uration" page 2. In case of "Http Boot Configuration", AsciiPrint() may not be nee= ded in HttpBootCheckUriScheme because we're already using CreatePopUp() in = case of Error Status CreatePopUp ( EFI_LIGHTGRAY | EFI_BACKGROUND_BLUE, &Key, L"ERROR: Unsupported URI!", L"Only supports HTTP and HTTPS", NULL ); (Or) CreatePopUp ( EFI_LIGHTGRAY | EFI_BACKGROUND_BLUE, &Key, L"ERROR: Unsupported URI!", L"HTTP is disabled", NULL ); 3. When we do Http Boot over IPv4/6, from HttpBootCheckUriScheme() th= ere is chance to get return status as EFI_INVALID_PARAMETER or EFI_ACCESS_D= ENIED 4. In this case we can have AsciiPrint() based on return Status, inst= ead of doing in HttpBootCheckUriScheme() I've attached the suggested changes, could you please review and provide yo= ur comments/Suggestions. Thanks, Karunakar